Manualshelf

NET/MASTER Management Services (MS) System Management Guide

ManualsBrandsHP ManualsServerHP NonStop G-Series
41424344454647484950
Flexible Security Administration
Introduction to Managing NonStop NET/MASTER MS
115414 NonStop NET/MASTER MS System Management Guide 1–11
Flexible Security
Administration
For maximum flexibility, NonStop NET/MASTER MS employs a “layered access”
model of security administration. You can restrict use of system resources at these
levels:
End-user terminal
User IDs and passwords for authenticating use of user IDs
External utilities and commands
Nodes in the network
User activity monitoring features, such as user activity logging and monitor-class
message alerts, provide security administration instrumentation. You can dynamically
change the configuration of almost all security administration features.
End-User Terminal Security Several features enable you to restrict the terminals from which a user can log on to
NonStop NET/MASTER MS.
You can restrict users to dedicated terminals. A dedicated terminal is a terminal at
which NonStop NET/MASTER MS controls the logon dialog. Unless you authorize a
user to log on by running the NNM utility program from the TACL prompt, the user
must log on from a dedicated terminal.
Note The NNM program is rarely used; most users work from terminals dedicated to NonStop NET/MASTER
MS. See Section 5, “Customizing the Operations Environment,” for an explanation of the procedure by
which you dedicate terminals.
You can also restrict users to specific terminals. A user ID definition record, which
specifies the user’s access to system resources, can be configured to allow a user to log
on only at specified terminals. You can specify up to ten terminals in the user ID
definition record. See Section 4, “Managing User Access and Privileges,” for
additional information about the user ID definition record and restricted terminals.
Using the terminal timeout features, you can configure a NonStop NET/MASTER MS
system to perform some action automatically after a period of inactivity (for example,
if a terminal is left logged on but unattended overnight or over a weekend). Such
actions might include:
Sending a message to the activity log and to select operators
Ringing an alarm in the physical terminal
Locking the terminal, which requires the user to reenter the password before
continuing to use NonStop NET/MASTER MS
Disconnecting the terminal from NonStop NET/MASTER MS
A user can lock a terminal, for enhanced terminal security, if the terminal will be
unattended for a period of time.